DOCSLIB.ORG

2016 / Detect, Disrupt, Deter 391

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
2016 / Detect, Disrupt, Deter 391 2016 / Detect, Disrupt, Deter 391 ARTICLE Detect, Disrupt, Deter: A Whole-of-Government Approach to National Security Cyber Threats ________________________ John P. Carlin* * Assistant Attorney General for National Security, United States Department of Justice. I would like to thank David Forscey, Chloe Goodwin, Megan Henry, Sarah Howard, Allison Kempf, Alan Rozenshtein, Paul Schied, Yishai Schwartz, and Joshua Silverstein for their help in preparing this Article. I would also like to thank Josh Goldfoot, Chris Hardee, Adam Hickey, Alex Iftimie, James Melendres, Anita Singh, Brad Wiegmann, and several other individuals both inside and outside the government for their comments and assistance. This material has been reviewed by the Department of Justice to prevent the disclosure of classified information. Copyright © 2016 by the Presidents and Fellows of Harvard College and John P. Carlin 392 Harvard National Security Journal / Vol. 7 Table of Contents Introduction ....................................................................................................... 393 I. The Cyber Threat and the Need for Deterrence ......................................... 398 A. Means of Intrusion and Attack .................................................................. 398 B. Threat Actors ............................................................................................ 401 C. Motivations ............................................................................................... 404 II. Attribution and the Role of Investigations ................................................. 409 A. The Post-9/11 National Security Evolution of the Department of Justice ................................................................................................... 410 B. Tools for Attribution ................................................................................. 414 III. An All-Tools Approach to National Security Cyber Threats ................. 418 A. DOJ-Led Activity ...................................................................................... 418 1. Prosecution .......................................................................................... 418 2. Other Civil and Criminal Actions ........................................................ 424 3. New Proposals ..................................................................................... 427 B. DOJ’s Role in a Whole-of-Government Approach ................................... 428 C. Public-Private Collaboration ................................................................... 430 Conclusion .......................................................................................................... 435 2016 / Detect, Disrupt, Deter 393 Introduction The United States faces an inflection point when it comes to the Internet’s effect on daily life. What has enriched our economy and quality of life for the past several decades may start to hurt us more than help us, unless we confront its cybersecurity challenges.1 Waves of network intrusions—increasing in number, sophistication, and severity—have hit American companies and the U.S. government. In 2012, former CIA Director and Defense Secretary Leon Panetta described the nation’s cybersecurity weaknesses as presenting a “pre-9/11 moment.”2 And in July 2014, the 9/11 Commission itself warned: “We are at September 10th levels in terms of cyber preparedness.”3 Following that ominous prediction, in a span of less than two years, the United States was besieged by intrusions originating from around the globe. There was no single target, and no common perpetrator. Our adversaries stated or demonstrated that they hacked on behalf of China, North Korea, Syria, Iran, and many others. They stole sensitive information from government databases, damaged and destroyed private companies’ computer systems, and—in a new twist—even targeted individuals’ personally identifiable information to benefit terrorist organizations. The list of victims is broad and varied—the private sector, the government, and individual citizens. The past two years have publicly demonstrated the extent of the threat. Former Federal Bureau of Investigation (FBI) Director Robert Mueller once offered the following analogy to describe our growing cyber vulnerabilities: In the days of the Roman Empire, roads radiated out from the capital city, spanning more than 52,000 miles. The Romans built these roads to access the vast areas they had conquered. But, in the 1 For the purposes of this Article, “cybersecurity” means the protection of “computers, networks, programs and data from unintended or unauthorized access, change or destruction.” “Cyberspace” refers to the “interdependent network of information technology infrastructures[] that includes the Internet, telecommunications networks, computer systems and embedded processors and controllers.” What is Cyber Security?, UNIV. OF MD. UNIV. COLL., http://www.umuc.edu/ cybersecurity/about/cybersecurity-basics.cfm. Importantly, cybersecurity extends to the protection of devices that are connected to the Internet—whether large-scale critical infrastructure or consumer devices (e.g., the emerging “Internet of Things”). More generally, the word or prefix “cyber” broadly refers to the domain of activity that arises from the close integration of computers, and in particular the Internet, into our society. The term has its detractors, who prefer more specific terms like “online” or “network.” Nevertheless, the term is used here to capture, in one word, otherwise disperse subjects that are the greatest concern in governance. 2 Leon E. Panetta, U.S. Sec’y of Def., Remarks by Secretary Panetta on Cybersecurity to the Business Executives for National Security, New York City (Oct. 11, 2012), http://archive.defense.gov/transcripts/transcript.aspx?transcriptid=5136. 3 BIPARTISAN POLICY CTR., REFLECTIONS ON THE TENTH ANNIVERSARY OF THE 9/11 COMMISSION REPORT (July 2014), http://bipartisanpolicy.org/wp-content/uploads/sites/default/files/files/%20 BPC%209-11%20Commission.pdf. 394 Harvard National Security Journal / Vol. 7 end, these same roads led to Rome’s downfall, for they allowed the invaders to march right up to the city gates.4 Like the Roman roads, the Internet connects us to the world. Empowered by advances in technology like cheap storage, increased bandwidth, miniaturized processors, and cloud architecture, we’ve extended Internet connectivity throughout our lives. But this expansion carries a risk not fully accounted for. Increased connectivity makes our critical infrastructure—water, electricity, communications, banking—and our most private information more vulnerable. We invested an enormous amount over the past few decades to digitize our lives. But we made these investments while systematically underestimating risks to our digital security. If we don’t secure our Internet connectivity, what has been an important driver of prosperity and strength for the past twenty years could have disastrous effects in the next twenty. To meet this challenge, the U.S. government has changed its approach to disrupting national security cyber threats. One element of its new strategy involves implementing and institutionalizing a “whole-of-government” approach. No one agency can beat the threat. Instead, success requires drawing upon each agency’s unique expertise, resources, and legal authorities, and using whichever tool or combination of tools will be most effective in disrupting a particular threat. At times, that may mean economic sanctions from the Treasury Department, proceedings initiated by the Office of the U.S. Trade Representative, and cyber defense operations from the Defense Department. At other times, it might mean information sharing coordinated by the Department of Homeland Security, diplomatic pressure from the State Department, intelligence operations from the U.S. Intelligence Community (IC),5 and prosecution and other legal action from the Justice Department. And in many instances, it will mean a coordinated application of several capabilities from the U.S. government’s menu of options. The United States’ approach to combating Chinese theft of sensitive U.S.- company business information and trade secrets—activity that former National Security Agency Director Keith Alexander described as the “greatest transfer of 4 Robert S. Mueller, Dir., Fed. Bureau of Investigation, Speech at Penn State Forum Speaker Series State College, Pennsylvania, The FBI: Stopping Real Enemies at the Virtual Gates (Nov 6, 2007), https://www.fbi.gov/news/speeches/the-fbi-stopping-real-enemies-at-the-virtual-gates. 5 The IC is “a coalition of 17 agencies and organizations . within the Executive Branch that work both independently and collaboratively to gather and analyze the intelligence necessary to conduct foreign relations and national security activities.” OFFICE OF THE DIR. OF NAT’L INTELLIGENCE, http://www.dni.gov/index.php. It consists of: Air Force Intelligence, Army Intelligence, Central Intelligence Agency, Coast Guard Intelligence, Defense Intelligence Agency, Department of Energy, Department of Homeland Security, Department of State, Department of the Treasury, Drug Enforcement Administration, Federal Bureau of Investigation, Marine Corps Intelligence, National Geospatial-Intelligence Agency, National Reconnaissance Office, National Security Agency, Navy Intelligence, and the Office of the Director of National Intelligence. Id. 2016 / Detect, Disrupt, Deter 395 wealth in history”6—illustrates the power of this coordinated
Load more

Recommended publications
  • February 23, 2017 VIA ELECTRONIC TRANSMISSION the Honorable
    February 23, 2017 VIA ELECTRONIC TRANSMISSION The Honorable Jeff Sessions Attorney General U.S. Department of Justice 950 Pennsylvania Avenue, NW Washington, DC 20530 Dear Attorney General Sessions: In the midst of ongoing, fast-paced litigation challenging Executive Order 13769, titled “Protecting the Nation from Foreign Terrorist Entry into the United States,” Acting Attorney General Sally Yates ordered the Department of Justice not to defend the Order. In a number of those cases, Justice Department attorneys had only a few days to draft briefs or prepare for hearings at the time of Ms. Yates’ order to stop working on them. Given the very short timeframe the Department attorneys had, Ms. Yates’ instruction to them not to defend the Executive Order meaningfully reduced their preparation time, even though she was fired late on the night of January 30. As a result, the Department attorneys were not as prepared to defend the Executive Order in court as they would have been without Ms. Yates’ interference. For example, just a few days later at the hearing on the state of Washington’s motion for a temporary restraining order, the Department attorneys did not have relevant factual information on hand to answer the judge’s question about the number of terrorism-related arrests of nationals from the countries at issue in the Executive Order. As a result, they were unable to enter facts into the record to dispute the judge’s false claim that there had been none. This likely affected his decision to grant the motion for a temporary restraining order. In the appeal on that issue, the importance of that omission became clear, and was part of the basis of the appeals court’s ruling against the President.
    [Show full text]
  • ASEC REPORT Malicious Code Trend 5 6 Vol.17 Security Trend Web Security Trend
    Disclosure to or reproduction for others without the specific written authorization of AhnLab is prohibited. ASEC Copyright (c) AhnLab, Inc. All rights reserved. REPORT VOL.17 | 2011.6 AhnLab Monthly Security Report AhnLab ASEC (AhnLab Security Emergency Response Center) is a Security global security response group consisting of virus analysts and CONTENTS Emergency security experts. This monthly report is published by ASEC, response and it focuses on the most significant security threats and the latest security technologies to guard against these threats. For 01. Malicious Code Trend 02. Security Trend Center further information about this report, please refer to AhnLab, a. Malicious Code Statistics 05 a. Security Statistics 14 Inc.’s homepage (www.ahnlab.com). - Top 20 Malicious Code Reports - Microsoft Security Updates- May 2011 - Top 20 Malicious Code Variant Reports b. Malicious Code Issues 16 - Breakdown of Primary Malicious Code Types - Comparison of Malicious Codes with - Zeus Source Code Leaked and Spyeye Trend Previous Month - Coreflood, a Banking Trojan - Monthly Malicious Code Reports - Online Banking Hacking Scam - Top 20 New Malicious Code Reports - Breakdown of New Malicious Code Types 03. Web Security Trend b. Malicious Code Issues 10 a. Web Security Statistics 17 - 'Dislike' Button Scam - Web Security Summary - AntiVirus AntiSpyware 2011 Scam - Monthly Blocked Malicious URLs - Scam Emails From Bobijou Inc. - Monthly Reported Types of Malicious Code - Spam Promising Nude Photo Spreads Malware - Monthly Domains with Malicious Code - Osama Bin Laden Themed Malware - Monthly URLs with Malicious Code - Distribution of Malicious Codes by Type - Top 10 Distributed Malicious Codes b. Web Security Issues 20 - May 2011 Malicious Code Intrusion: Website ASEC REPORT Malicious Code Trend 5 6 Vol.17 Security Trend Web Security Trend 01.
    [Show full text]
  • Homeland Threats and Agency Responses”
    STATEMENT OF ROBERT S. MUELLER, III DIRECTOR FEDERAL BUREAU OF INVESTIGATION BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE AT A HEARING ENTITLED “HOMELAND THREATS AND AGENCY RESPONSES” PRESENTED SEPTEMBER 19, 2012 Statement of Robert S. Mueller, III Director Federal Bureau of Investigation Before the Committee on Homeland Security and Governmental Affairs United States Senate At a Hearing Entitled “Homeland Threats and Agency Responses” Presented September 19, 2012 Good morning, Chairman Lieberman, Ranking Member Collins, and Members of the Committee. Thank you for the opportunity to appear before the Committee today and for your continued support of the men and women of the FBI. As you know, the Bureau has undergone unprecedented transformation in recent years. Since the attacks of September 11th, we have refocused our efforts to address and prevent emerging terrorist threats. The terrorist threat is more diverse than it was 11 years ago, but today, we in the FBI are better prepared to meet that threat. We also face increasingly complex threats to our nation’s cyber security. Nation-state actors, sophisticated organized crime groups, and hackers for hire are stealing trade secrets and valuable research from America’s companies, universities, and government agencies. Cyber threats also pose a significant risk to our nation’s critical infrastructure. As these threats continue to evolve, so too must the FBI change to counter those threats. We must continue to build partnerships with our law enforcement and private sector partners, as well as the communities we serve. Above all, we must remain firmly committed to carrying out our mission while protecting the civil rights and civil liberties of the people we serve.
    [Show full text]
  • This Is Almost Certainly James Comey's Twitter Account
    Log in / GIZMODO DEADSPIN FUSION JALOPNIK JEZEBEL KOTAKU LIFEHACKER THE Sign ROOT up This Is Almost CertainlyVIDEO SPLOID JamesPALEOFUTURE Comey’sIO9 SCIENCE REVIEWS FIELD GUIDE Twitter Account Ashley Feinberg 3/30/17 3:29pm · Filed to: JAMES COMEY 2.8M 675 226 Digital security and its discontents—from Hillary Clinton’s emails to ransomware to Tor hacks—is in many ways one of the chief concerns of the contemporary FBI. So it makes sense that the bureau’s director, James Comey, would dip his toe into the digital torrent with a Twitter account. It also makes sense, given Comey’s high profile, that he would want that Twitter account to be a secret from the world, lest his follows and favs be scrubbed for clues about what the feds are up to. What is somewhat surprising, however, is that it only took me about four hours of sleuthing to find Comey’s account, which is not protected. Last night, at the Intelligence and National Security Alliance leadership dinner, Comey let slip that he has both a secret Twitter and an Instagram account in the course of relating a quick anecdote about one of his daughters. Kevin Rincon Follow @KevRincon Fun fact: #FBI director James #Comey is on twitter & apparently on Instagram with nine followers. 8:11 PM - 29 Mar 2017 150 139 Who am I to say no to a challenge? As far as finding Comey’s Twitter goes, the only hint he offered was the fact that he has “to be on Twitter now,” meaning that the account would likely be relatively new.
    [Show full text]
  • Pirates of the Isps: Tactics for Turning Online Crooks Into International Pariahs
    21st CENTURY DEFENSE INITIATIVE CyBER SECuRITy #1 July 2011 Pirates of the ISPs: Tactics for Turning Online Crooks Into International Pariahs Noah Shachtman 1775 Massachusetts Ave., NW Washington, D.C. 20036 brookings.edu Pirates of the ISPs: Tactics for Turning Online Crooks Into International Pariahs Noah Shachtman CyberSeCurity #1 July 2011 21st CENTURY DEFENSE INITIATIVE Acknowledgements every research paper is a group effort, no mat- My Wired.com colleagues—ryan Singel, kevin ter what it says on the byline. this project relied Poulsen, kim Zetter and David kravets—cover more on outside assistance than most. brookings the cybersecurity beat better than anyone. this Senior fellows Peter Singer and ken lieberthal paper would have been impossible without them, were the ones who convinced me to explore the and without brian krebs, master investigator of broad topic of cybersecurity. the panel they as- the online underworld. sembled gave me new insight with every meeting; my colleague allan friedman was an especially bill Woodcock, rick Wesson, Jeff Cooper, tyler invaluable tutor and remarkably generous with Moore, audrey Plonk, Jim lewis, Dmitri alpero- his time. heather Messera and robert o’brien vitch, Paul Nicholas, Jessica herrera-flannigan, provided important research and logistical sup- Jart armin, richard bejtlich, Steve Schleien, Jona- port. My research assistant, adam rawnsley, was than Zittrain and many, many others steered me tireless in his exploration of the minutiae of ev- away from my worst ideas and towards those few erything from tort law to pirate havens. not-so-bad ones. for that, i am deeply in their debt. brookings recognizes that the value it provides to any supporter is in its absolute commitment to quality, independence and impact.
    [Show full text]
  • Forensics 2Ème Partie
    actu l’ACTUSÉCU est un magazine numérique rédigé et éditésécu par les consultants du cabinet de conseil XMCO 34MAI 2013 SPÉCIAL INVESTIGATIONS Forensics 2ème partie Investigations Forensics Les étapes et réflexes essentiels pour la réalisation d’une mission forensics. APT1 Résumé et analyse de l’étude menée par Mandiant. Conférences BlackHat, JSSI et HITB. Actualité du moment Analyses du malware Dervec, de la vulnérabilité Java (CVE-2013-0422) et des at- - taques 0day ciblant ColdFusion. buildscharac Et toujours… les logiciels et nos Twitter favoris ! 1 Ce document est la propriété du cabinet XMCO. Toute reproduction est strictement interdite. ® we deliver security expertise www.xmco.fr 2 Ce document est la propriété du cabinet XMCO. Toute reproduction est strictement interdite. édito MAI 2013 [ 45 millions de dollars.... 5 millions chacun ] Ils sont neuf. Ils ont agi dans 27 pays et sont allés jusqu’à retirer 2,4 millions dans des distributeurs automatiques de billets : plus de 40 000 retraits en espèces !!! Bref, un job à plein temps, particulièrement bien rémunéré, mais qui comporte quand même quelques risques... Voici, en synthèse, la news qui est tombée le 10 mai 2013. Comment ne pas la reprendre dans le deuxième numéro de l’ActuSécu consacré au Forensic ? Attention, n’y voyez aucune espèce d’opération marketing conjointe : nous n’avons pas mandaté ces cybercriminels pour promouvoir l’activité de recherche de preuve ! Plusieurs anomalies, dont cette phrase, se trouvent dans cet édito. J’ai fait cela parce que personne ne fait jamais aucun retour sur mon unique contribution à notre magazine. Mais il faut bien admettre que cette information vient confirmer un phénomène de plus en plus constaté : la reconversion d’une partie de la criminalité vers la cybercriminalité.
    [Show full text]
  • An Interdisciplinary Introduction
    Index # See OMB and, 82, 83–84 2-factor authentication, 57, 295, 296 Paperwork Reduction Act, 82 9/11/2001. September 11, 2001 supply chain security, 166, 170 60-Day Cyberspace Policy Review, 100–101, 130, 259 active responses to threats, 207–208, 237–238 256-bit encryption, 193 acts of law, 263 300A and 300B reports, 170 actual cost (AC), 152–154, 156, 299–300, 302 414s (hackers), 6 ACWP (actual cost of work performed), 152 1930s IT infrastructure, 185 “adequate security,” 171 1940s IT infrastructure, 75 Administrative Procedure Act (APA), 266 1950s IT infrastructure, 75–76, 185¬ advanced notices of proposed rulemaking (ANPR), 260, 1960s cybersecurity issues, 4, 76–77, 95 266 1970s cybersecurity issues, 5, 179 advanced persistent threats (APTs), 203–204, 276,- 277 1980s cybersecurity issues, 4–9, 77–81, 82, 185 Advanced Research Projects Agency (ARPA), 4 1990s cybersecurity issues, 9, 81–90, 223–225, 276 Advanced Research Projects Agency Network (AR 2000s cybersecurity issues, 9, 89, 90–101, 220, 276 agenciesPANET), 4, 179 A2010s cybersecurity issues, 10, 101–104, 221–222, 276 African Network Information Centre (AfriNIC), 278 A circulars. See under civilian.audits, 241 See civilian agencies OMB budgets, 260 AC (actual cost), 152–154, 156, 299–300, 302 acceptable levels of risk, 36 classified/unclassified protective markings, 79 acceptable quality level (AQL), 145 compliance standards, 168–169 accepting risks, 16, 20, 22, 60–61 creation of, 266 access codes, 236 cybersecurity policy role, 69–70 access points, 233, 258 Federal Register rules publication, 260 accessibility of systems intelligence.FISMA requirements, See intelligence 97–98, agencies 171 corporate systems, 233 impact on projects, 123 health care systems, 224 military.
    [Show full text]
  • Fight Terror, Not Twitter: Insulating Social Media from Material Support Claims
    Loyola of Los Angeles Entertainment Law Review Volume 37 Number 1 Article 1 Fall 2016 Fight Terror, Not Twitter: Insulating Social Media From Material Support Claims Nina I. Brown Follow this and additional works at: https://digitalcommons.lmu.edu/elr Part of the Entertainment, Arts, and Sports Law Commons, and the Internet Law Commons Recommended Citation Nina I. Brown, Fight Terror, Not Twitter: Insulating Social Media From Material Support Claims, 37 Loy. L.A. Ent. L. Rev. 1 (2017). Available at: https://digitalcommons.lmu.edu/elr/vol37/iss1/1 This Article is brought to you for free and open access by the Law Reviews at Digital Commons @ Loyola Marymount University and Loyola Law School. It has been accepted for inclusion in Loyola of Los Angeles Entertainment Law Review by an authorized administrator of Digital Commons@Loyola Marymount University and Loyola Law School. For more information, please contact [email protected]. ELR – BROWN (V4) (DO NOT DELETE) 1/17/2017 5:09 PM FIGHT TERROR, NOT TWITTER: INSULATING SOCIAL MEDIA FROM MATERIAL SUPPORT CLAIMS NINA I. BROWN Social media companies face a new threat: as millions of users around the globe use their platforms to exchange ideas and information, so do terrorists. Terrorist groups, such as ISIS, have capitalized on the ability to spread propaganda, recruit new members, and raise funds through social media at little to no cost. Does it follow that when these terrorists attack, social media is on the hook for civil liability to victims? Recent lawsuits by families of victims killed in terrorist attacks abroad have argued that the proliferation of terrorists on social media—and social media’s reluctance to stop it—violates the Antiterrorism Act.
    [Show full text]
  • Indias Strategic Options in a Changing Cyberspace
    India’s Strategic Options in a Changing Cyberspace India’s Strategic Options in a Changing Cyberspace Cherian Samuel Munish Sharma INSTITUTE FOR DEFENCE STUDIES & ANALYSES NEW DELHI PENTAGON PRESS LLPLLP India’s Strategic Options in a Changing Cyberspace Cherian Samuel and Munish Sharma First Published in 2019 Copyright © Institute for Defence Studies and Analyses, New Delhi ISBN 978-93-86618-66-5 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without first obtaining written permission of the copyright owner. Disclaimer: The views expressed in this book are those of the authors and do not necessarily reflect those of the Institute for Defence Studies and Analyses, or the Government of India. Published by PENTAGON PRESS LLP 206, Peacock Lane, Shahpur Jat New Delhi-110049 Phones: 011-64706243, 26491568 Telefax: 011-26490600 email: [email protected] website: www.pentagonpress.in In association with Institute for Defence Studies and Analyses No. 1, Development Enclave, New Delhi-110010 Phone: +91-11-26717983 Website: www.idsa.in Printed at Avantika Printers Private Limited. Contents Acknowledgements vii Abbreviations ix Introduction xi 1. Concepts and Definitions 1 2. Cyber Deterrence: The Emerging Landscape 12 3. The Geopolitics of Norms Building in Cyberspace 51 4. Active Cyber Defence: An Analysis 81 5. Critical Information Infrastructure Protection: National Practices and Perspectives 97 6. India’s Technology Challenges: Encryption, Quantum Computing and Artificial Intelligence 115 7. Public-Private Partnership in Cybersecurity: Opportunities and Challenges 143 8. India’s Strategic Options in a Changing Cyberspace 157 Recommendations 165 Index 169 Acknowledgements The seed for this publication was planted in the final meeting of the Project Review & Steering Group when Brig.
    [Show full text]
  • July 13, 2020 the Honorable William P. Barr Attorney General U.S
    July 13, 2020 The Honorable William P. Barr Attorney General U.S. Department of Justice 950 Pennsylvania Avenue, N.W. Washington, D.C. 20530 Dear Attorney General Barr: President Trump’s commutation of Roger Stone’s prison sentence for obstructing a bipartisan congressional investigation raises serious questions about whether this extraordinary intervention was provided in exchange for Mr. Stone’s silence about incriminating acts by the President. During your confirmation hearing before the Senate Judiciary Committee in 2019, I asked whether you “believe a President could lawfully issue a pardon in exchange for the recipient’s promise not to incriminate him.”1 Without hesitation or caveat – and under oath – you responded: “No, that would be a crime.”2 Given recently surfaced information indicating that President Trump may have commuted Mr. Stone’s sentence in exchange for his refusal to incriminate the President, pursuant to your own standard, an inquiry by the Justice Department into Mr. Stone’s commutation is clearly warranted. Thanks to recent Freedom of Information Act lawsuits, newly unredacted portions of Special Counsel Mueller’s report reveal that multiple witnesses confirmed then-candidate Trump’s direct knowledge and encouragement of Roger Stone’s efforts to release damaging information about Hillary Clinton stolen by Russian hackers.3 These witnesses’ observations flatly contradict President Trump’s repeated denials of having such knowledge of Mr. Stone’s activities in his written responses to Special Counsel Mueller’s questions.4 After submitting these suspect answers to the Special Counsel, President Trump took to twitter and praised Mr. Stone for being “brave” and having “guts” for refusing to cooperate with investigators and provide incriminating testimony against him.5 Special Counsel Mueller observed that the President’s tweets about 1 Meg Wagner, Veronica Rocha, & Amanda Wills, Trump’s Attorney General Pick Faces Senate Hearing, CNN (last updated Jan.
    [Show full text]
  • Coordinating Across Chaos: the Practice of Transnational Internet Security Collaboration
    COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION A Dissertation Presented to The Academic Faculty by Tarun Chaudhary In Partial Fulfillment of the Requirements for the Degree International Affairs, Science, and Technology in the Sam Nunn School of International Affairs Georgia Institute of Technology May 2019 COPYRIGHT © 2019 BY TARUN CHAUDHARY COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION Approved by: Dr. Adam N. Stulberg Dr. Peter K. Brecke School of International Affairs School of International Affairs Georgia Institute of Technology Georgia Institute of Technology Dr. Michael D. Salomone Dr. Milton L. Mueller School of International Affairs School of Public Policy Georgia Institute of Technology Georgia Institute of Technology Dr. Jennifer Jordan School of International Affairs Georgia Institute of Technology Date Approved: March 11, 2019 ACKNOWLEDGEMENTS I was once told that writing a dissertation is lonely experience. This is only partially true. The experience of researching and writing this work has been supported and encouraged by a small army of individuals I am forever grateful toward. My wife Jamie, who has been a truly patient soul and encouraging beyond measure while also being my intellectual sounding board always helping guide me to deeper insight. I have benefited from an abundance of truly wonderful teachers over the course of my academic life. Dr. Michael Salomone who steered me toward the world of international security studies since I was an undergraduate, I am thankful for his wisdom and the tremendous amount of support he has given me over the past two decades. The rest of my committee has been equally as encouraging and provided me with countless insights as this work has been gestating and evolving.
    [Show full text]
  • FBI and DOJ Take on the Coreflood Botnet INSIDE THIS ISSUE Microsoft FBI and DOJ Take on the Coreflood Botnet Today [April 13, 2011], the FBI and U.S
    April 14, 2011 FBI and DOJ Take on the Coreflood Botnet INSIDE THIS ISSUE Microsoft FBI and DOJ Take on the Coreflood Botnet Today [April 13, 2011], the FBI and U.S. Department of Justice announced a legal and technical operation to take down the Coreflood botnet, using a civil Expect Targeted suit for a temporary restraining order against the operators of the botnet and Attacks After Massive Epsilon Email Breach, criminal seizure warrants in order to disable the botnet’s infrastructure. Say Expert RSA Explains How it Analysis: Was Hacked In March 2011, Microsoft took legal action to take down the Rustock botnet Web Attacks and earlier, in February 2010, it had taken legal action to bring down the Skyrocketed 93% in Waledac botnet. Symantec reported (PDF) that disrupting Rustock cut down 2010 global spam volumes by one-third. Microsoft recently provided an update on the initial revelations and results of the Rustock takedown, reporting that it MICROSOFT was continuing the legal proceedings and working with its partners to keep the botnet down. RESOURCES Microsoft Security On April 13, 2011, the U.S. Department of Justice (DOJ) and the U.S. Federal Home Bureau of Investigation (FBI) announced that they had undertaken a legal and technical operation to take down the Coreflood botnet, using a civil suit for a Microsoft Trustworthy Computing temporary restraining order against the operators of the botnet and criminal seizure warrants in order to disable the botnet’s infrastructure. Microsoft Security Sites Worldwide The FBI reported that investigation of Coreflood began in April 2009 when a Connecticut-based company realized that hundreds of computers on its networks had been infected.
    [Show full text]